According to a disclosure made Tuesday by the development team behind ZCash, the most highly capitalized privacy-focused cryptocurrency (with a market cap in excess of $270M at the time of publication), has secretly fixed a critical security flaw in ZCash’s design, which was discovered by ZCash cryptographer, Ariel Gabizon, about a year ago.
Last March while preparing a presentation for a cryptography finance conference the following day, Gabizon discovered a crucial flaw in the cryptographic functions underlying zk-SNARKS, an implementation of zero-knowledge proofs used by ZCash and other privacy coins to give users the option of greater privacy though true cryptographic anonymity.
ZCash says the vulnerability (which was so subtle that the world’s top cryptography experts have overlooked it for years) did not threaten the network’s anonymity in any way but could have been manipulated by hackers to create an unlimited amount of counterfeit ZCash.
Had the security flaw been discovered by a more unscrupulous developer, it could have been exploited to steal potentially millions of dollars from ZCash users before being discovered and perhaps irreparably damaging the market’s trust in the privacy coin.
Because other cryptocurrencies employ the same algorithms the stakes were high. These include Komodo whose KMD tokens have a total market value in excess of $70 million and Horizen (formerly called ZenCash) whose ZEN tokens are valued at $22 million.
With so many millions of dollars of cryptocurrency users’ money exposed to theft and sabotage, Zcash remained tight-lipped about the vulnerable, and chose to secretly notify only Komodo and Horizen (the two highest market-cap coins that employ the flawed cryptography), and only after quietly slipping a fix for the vulnerability into ZCash’s Sapling network upgrade at the end of October.
Emin Gün Sirer, a Cornell Professor of computer science tweeted:
But it’s a stretch to characterize these bugs as “endemic” to privacy coins.
As Bitcoin Core developer Peter Todd said (in a tweet storm that reveals he is hardly biased toward ZCash, whose developers he castigates for incompetence and deceit), this is only one of two counterfeit currency exploits Zcash has found:
It is also misleading to cast such shade at ZCash and privacy coins in particular, in such a way that implies they are the only cryptos to have found and patched security flaws that could have been exploited to create counterfeit crypto coins.
Last September, an update to Bitcoin Core included a fix for a different kind of design flaw that could have been exploited to create the same result for an unscrupulous actor– the ability to create an infinite amount of bitcoin without following the consensus rules or going to the expense that legitimate bitcoin miners have to.
But in all these cases, for Bitcoin as well as for blockchains that use zk-SNARKS to protect user anonymity, the vulnerabilities were discovered by the networks’ developers and remediated. These moments emphasize the risks of using new peer-to-peer financial technology, but they also reflect the integrity, skill, and tenacity of the developers behind cryptocurrencies, and should inspire confidence in these teams.
That’s why NSA whistleblower Edward Snowden praised ZCash Tuesday for how they discovered the flaw and took prudent steps to fix it while safeguarding millions of dollars worth of users’ crypto coins:
Edward Snowden, who is famous for blowing the whistle on NSA surveillance programs for violating Americans’ privacy, has praised ZCash in the past for its privacy features:
Although Bitcoin offers users a high degree of privacy and anonymity, all transactions on the Bitcoin network are publicly available information on the vast public ledger of accounts, amounts, and transactions maintained by Bitcoin miners.
Instead of hiding the information, Bitcoin publishes all of it (though without any person or institution’s name attached to any account number or transasaction).
This spreads the information so thin that it creates a nearly insurmountable obstacle to tracking financial activity, but there’s when it comes to financial privacy, crypto markets have described a vast difference between nearly and completely.
Using Zero-KnowledgeProofs ZCash actually conceals users’ financial information and activity by allowing them to verifiably prove to the rest of the network that they know a given value without disclosing anything about the value itself, or any other knowledge whatsoever.
ZCash is good for uses cases that require privacy, making it an ideal side chain in the crypto ecosystem, which can be used to make truly private and anonymous transfers of money.
The ZCash can then be converted back to Bitcoin to reduce exposure to the evident risks of holding coins in smaller alt coins with lower market capitalization, less development muscle, and fewer years spent discovering and fixing bugs.